Posted by CmdrTaco on Wednesday May 31, 2006 @10:08AM from the bet-some-smart-guys-work-there dept.

mrogers writes "USA Today has a story describing how the NSA looks for suspicious calling patterns in the huge volumes of traffic data it collects. "Templates" such as a call from overseas followed by a flurry of domestic calls are used to identify leads, which are forwarded to the FBI for investigation. There have been complaints that low-quality leads are drawing agents away from other cases, and similar pattern-matching approaches have been found wanting in the past. Can data mining identify terrorists?"

I don't know about terrorists, but calling patterns can effectively be used to identify drug dealers, according to HBO's The Wire [hbo.com]. I imagine polygamists, as illustrated in HBO's Big Love [hbo.com], would exhibit abnormal calling patterns with their supersized family calling plans.

And don't tell me That's just television because no, sir, It's not TV, it's HBO.

I don't know about terrorists, but calling patterns can effectively be used to identify drug dealers, according to HBO's The Wire. I imagine polygamists, as illustrated in HBO's Big Love, would exhibit abnormal calling patterns with their supersized family calling plans.

And let's not forget all those out there with girlfriends/boyfriends they don't want their wives/husbands to find out about. That alone could make great extortion material and provide a new way to fund covert operations.

Bah, who needs to be anonymous? I'll freely admit that I start off random conversations with "in" friends with, instead of "hello", "kill the president". Then I randomly throw in other potential keywords at random points later if I feel like it.

Hey, if you hear of someone from Iowa ending up in Guantanamo, you know what happened. ;)

They should formalize this practice and make a palindrome out of the resulting acronym. That way we can be distracted with how cool they are to think of such things instead of worrying about what they're actually doing.

NSA-ASN - NSA's Analysis of Social Networks.

*sigh* I'm very honestly starting to get a sick feeling in my stomach over the direction our (my) country is headed. And yet, I feel like there's nothing I can do about it. Vote? Yeah... right.

Because in order for your vote to count, it has to agree with a large number of other votes. If we got a libertarian for President--say, Michael Badnarik--then the NSA would have to hide its spying from the President, as well. But for any national candidate to succeed, they need media coverage. For some reason, Ralph Nader, who was only on the ballot in 36 states, got far more coverage than Badnarik, who was on the ballot in (I believe) 49 states. Why? Because Nader couldn't have won, so the media could safely involve him.

So, your choices for every election are between media coalitions. Which generally means that each of the major US parties supports slightly differing sections of the economy--service sector for the Democrats, production for the Republicans. That's the major difference.

Now, armed resistance is ridiculous when the government has billions of dollars of military equipment. And other technological countermeasures will likely prove ineffective in a short period of time.

you have to be kidding! you're claiming that the media covered Nader because he could not have won, but Badnarik could have won and so they didn't cover him? they didn't cover Badnarik because even if he was on the ballot in 150 states, he still could not have won. i agree - it's a poor reason to avoid covering Badnarik and his party's ideas, but let's get serious about the reasons here.

I agree with the parent. His winning the election (or even being allowed to attend the presidential debates) would have been disruptive to their entrenched interests, so the mass media only presented the two candidates which were known quantities.

Millions isn't enough -- you need tens of millions of people. Most government activity centers around entitlement programs and the military, both of which have large, vocal & immensely powerful trade and civic groups rallying on their behalf. Nearly every American benefits in some way from bloated government, and only a minuscule minority are willing to give up granny's free nursing home or overfunded local schools & police.

Honestly though, why not a simple alternative? Terrorists are very well funded if we are to believe the crap that spews forth from our leaders so why don't they take an approach that is different from normal?

Bin Laden can buy all his terrorists a SIP Wifi Phone and use Free World Dialup to keep in touch or simply dial a direct IP. Throw away prepay cellphones are easy to come by, why don't these terrorists buy a "boost mobile" and simply buy only a single airtime card and then throw the whole thing away when d

I have a friend whose dad emigrated from Iraq over fifty years ago. The stateside family regularly calls the Iraqi-born family members who live in Iraq to say hello and catch up on current events - like how many schools have been painted that week or whether the electricity is on this month, or whether the price of gas in Baghdad is higher than in the U.S. Honestly, I don't know what they talk about. But they do talk.

Now, I have beers with my friend once or twice a week. We e-mail and call each other occasionally. I'm only separated by one phone call from his relatives in Iraq.

You'd better bet my name is in one of these FBI "leads", and it's entirely inappropriate. Maybe they're checking out my surfing habits, too, because there's been a long stall lately whenever I check Slashdot's front page...hope I don't go to your page and involuntarily make you part of the conspiracy.

At the top of the tree is my friend's family, calling relatives in Iraq. At the bottom, there's me, a critic of this administration. We're all connected by a single phone call from one "suspect" party to a "suspect" place. And yet I have no affiliations with terrorists somehow.

I guess the guy with the microphone in his I.P.A. is the Feeb. See you at the pub!

At the top of the tree is my friend's family, calling relatives in Iraq. At the bottom, there's me, a critic of this administration. We're all connected by a single phone call from one "suspect" party to a "suspect" place. And yet I have no affiliations with terrorists somehow.

Ah, but what you fail to realize (begin sarcasm) is that clearly there is a link between terrorists and those critical of this administration (end sarcasm).

The prevailing attitude seems to be that it's unpatriotic to criticise them, and if you're a foreign person criticizing their actions, then you must be a terrorist. There's no middle ground for many.

I'm glad my passport has expired, now I have an excuse to tell anyone who wants me to go to the US to PFO. I'm tired of the bullshit. I used to hold the US constitution and system of government as an ideal, and one which wouldn't fall prey to this sort of crap. However, I'm being proven wrong on a weekly basis. Now they're just trying very hard to completely undermine all of those elements.

The terrorists have not only won, but played into the hands of those who have always wanted to do this.

"Terrorists are very well funded if we are to believe the crap that spews forth from our leaders so why dont they take an approach that is different from normal?"

In the mid-90s, I took a course in Introduction to International Terrorism. The professor's master's thesis was on terrorist funding resources in the United States. He told us the story of how his thesis came together and the argument he got into with his advisor.

He was studying somewhere in the Mid-West, I forget where. Anyway, the thesis ended up as a sort of bet: how active is terrorist funding in the following X Mid-Western cities? In the end, he found that several big-named groups (in the 1980s) were actively receiving funds in those cities. He said his research was illuminating as to just how well-funded these groups were based only on activity in the U.S., not to mention other potential sources.

So, while you may want to discount what the government says about terrorist funding, I say to you that without hearing this from the government I can assure you that terrorists are at least as well-funded as the government would have you believe. Just because the government says it does not make it false.

As said in the comment above.. a decade ago. Sympathizers in the USA were well known for supporting the IRA (Provisional Irish Republican Army / Real IRA) in Ireland through the 80's and 90's, and the UK has constantly hounded the US to combat this funding.

After 911 the US administration decreed along with the war on Terror - 'funding terrorism is a crime'. While the comment was primarily aimed at Al-Qaeda, funding the IRA was (unintentionally?) put in the same category.

The problem is, this strategy is not only ineffective, it can be counterproductive.

There is plenty out there on the "Strength of weak links", where past associations (old roommates, sleeper cells), with no contact can be very strong service links when reinitiated.

There is also plenty out there on how this is DoSing the FBI.

And the tin foil hat crowd (a very popular piece of headwear these days) will point out that this tool is far more useful for targeting individuals than searching for patterns. And what if you are the target?

Was about to say the same thing. Traffic pattern analysis doesn't work at all for sleeper cells, like the people who carried out the 9/11 attacks. Sleeper cells, by definition, tend to be quiet for long periods of time with only intermittent contact between members and any organizing force. To someone looking at traffic pattern analysis, this will look no different from me talking to my cousin in Atlanta or my uncle in DC, which we do once in a long while. Analysis of the 9/11 hijackers would've shown normal, suburban usage.

The trend in terrorism lately is decentralization: the guys who carried out the Madrid train bombings were home-grown, were not known terrorists, and were not previously involved in any high level attacks or meetings. They didn't show up on anyone's radar precisely because they didn't fit any profile, nor would they be found with traffic pattern analysis. Add to this the recent news that the AQ higher ups have ceased using satellite or cell phones and you have the basic problem with asymmetrical warfare, one which the White House and DoD refuse to learn: you can't fight a guy wearing a suicide vest with satellites and computers, and you can't find a loosely organized, ad hoc group of people by looking for organized cells. The top down model of terrorism is dead, and it seems to be the only thing we're still looking for.

What we need, and what the White House and DoD are steadfastly refusing to develop, is old-fashioned HUMINT, human intelligence. We need speakers of Arabic in all of the various dialects, we need people schooled in Middle Eastern politics, history, religion and societies, and we need to get people with Middle Eastern backgrounds into the intelligence services and up the command chain. One of the reasons the CIA was as efficient as it was in the 60s and 70s was the large number of working agents from countries in which they were working. Gust Avrakotos [wikipedia.org] was such an effective agent in Greece and elsewhere because he spoke the native languages and knew the local customs. He wasn't viewing the space by satellite from DC. He was in the mix.

If this wholesale data mining works, then the government will tout this success as justification for its acts. If it doesn't work, the government will complain that we're not letting them do enough to ensure our safety, and use the failure to justify even more outrageous violations of our privacy.

Whether it works or not, however, is beside the point. The point is: is it legal? Enough people have maintained that it is not to warrant a serious investigation into the matter.

The question should be is it consistent with America's values? Or is it moral? And I think the answer is a resounding NO!

The problem when you ask about legality is that you get legal opinions with obscure analysis that circumvents the broader question of whether America SHOULD do this.

It's a lot like the debate surrounding our system of legalized bribery (except we call it lobbying). "Oh, they paid for a plane trip, let's make those illegal." The debates center around the legal technicalities, but largely ignore the larger problem of targeted contributions directly affecting specific votes and the immoral culture of lobbying.

I know that Yahoo has commented on this because they datamine extensively to find surfing habits on their site to better place advertisements. Obviously this is a bit different, but the technology and methodology is similar. I have no problem with computers analyzing calling patterns. There was a distinct pattern of calls that led up to 911 and other attacks.

They are operating under a logical fallacy. A flurry of calls after an overseas call does not mean the two are related in any way. Perhaps (and more likely than the person being a terrorist) is that the person who received the overseas call and then calls domestically is just relaying family information.

I know my family operated like this (although completely within the US). All you had to do was tell my grandmother something, and you could rest assured she'd spread the news to the rest of the family for you.

When I first read the original post, I thought the same thing: families trying to save a buck by the overseas brother calling his grandma, or a businessman calling the office and the secretary spreading the word. However, this is only an argument about the way the data is interpreted, not about the way the data is collected. If this data mining is a good or bad thing is dependent on other stuff.

Moreover, if I were a terrorist, I'd use some more anonymous method than telephone calls. Ssh'ing into some remote computer where a series of encrypted text files contain the information needed would be simple, effective, and (using proxies or TOR) anonymous.

It is easy to spot "distinct patterns" after you know all the players and can put the pieces together in context. As they say, Hindsight is 20/20. I have a sister overseas. If/when she calls anyone else in the family with news/updates/etc it will generate this pattern of many domestic calls as we have a large extended family who wants to know how she and her family are doing.

This does not mean we are terrorists, even though we might fit this "pattern" of suspicious calls. I bet calls to 900 numbers are sus

Obviously, everyone wants the government to stay out of the public's private life, but there is a big difference between listening to people's phone calls and looking for calling patterns. I find the latter to be somewhat acceptable, but it is subject to abuse like everything else. The government is in a tough situation where people demand protection, but want to maintain their civil rights rightfully so. It's a tough t

Obviously, everyone wants the government to stay out of the public's private life, but there is a big difference between listening to people's phone calls and looking for calling patterns.

There is a difference in that one is expressly and well-established to be unconstitutional, and the other is merely of dubious constitutionality and prohibited by statute (or, at least, the telcos turning over the information is generally prohibited by statute.)

The monitored person can distribute the calls through multiple phone lines. With cooperation, a group of individuals can pool phones to use and this system won't detect them. What is detectable is how many phone lines are registered to a person.

However the government has yet to catch up to the real world. I can digitally distribute the message through the internet using techniques that would not arouse suspicion, particularly with all the online gaming of today.

Aside from this being patently illegal, what bothers me is the cavalier attitude behind it, and the fact that it is already being abused to track down people who aren't terrorists, but who are merely doing their job to keep government entities like the NSA under some semblance of control - the journalists. There is no end to the manner in which this kind of information could be abused.

Aside from this being patently illegal, what bothers me is the cavalier attitude behind it

I guess as the US is a democratic country, it's alright to do so. Democracy means, literally, rule by the people. The vast majority of people either doesn't care or doesn't get beyond posting "wtf, criminals!" on /.

You'd have to shut down TV for a week or only a day - I bet enough people would start to care about this and many other things...

Is it, now? There's more to the Constitution than the 4th Amendment- try looking at Art. IV, Section 4 - The Executive and Legislature are obliged to protect the States, and any Judiciary right to review regarding such efforts is limited under the "political question" doctrine.

what bothers me is the cavalier attitude behind it...

If you don't like a politician's personality, vote for someone else. If your candidate loses, wait patiently for the next election

She's always getting calls from various places and then making a flurry of more local calls. She uses code phrases like "your cousin's baby was born last night and it's a boy", or "Great Aunt Zelda had a stroke but they say she's going to be okay".

Or how about everybody who is in the importing/exporting business? Or companies that have offices overseas. Although as long as they are "Bush Approved" companies I'm sure they won't have any problems.

Or, a foreign visitor gets a call that a close family member is seriously ill, they make a flurry of phone calls to cancel hotels, ring the airline, book taxis, and then try and get on a plane home. NSA see "foreign call, flurry of calls, trying to get on a plane in a clearly agitated state - panic, panic, red flag!" and "Oh, we're sorry you couldn't get home before your father died, national security, you know."

A country of 300 million people cannot have that many actual terrorists in it, even if you count domestic loonies like Timothy McVeigh and the Unabomber in the category (or more accurately the next generation of bomb making loonies). Monitoring a sizable fraction of that 300m can't possibly be just about finding "terrorists" - for one thing it's a needle in a haystack, and for another the number of other uses/abuses of such a system are too many to count.

Bet good money that most of the people who are or will be adversely affected by this surveillance have little or no connection with terrorism. Even if there was once some noble intent of protecting people by finding monsters hidden among them, it won't just be used for that. Any time you have a major source of power in political hands, you can bet on it being abused eventually - and what greater power over a domestic population is there than widespread spying without judicial oversight?

A country of 300 million people cannot have that many actual terrorists in it, even if you count domestic loonies like Timothy McVeigh and the Unabomber in the category (or more accurately the next generation of bomb making loonies). Monitoring a sizable fraction of that 300m can't possibly be just about finding "terrorists" - for one thing it's a needle in a haystack, and for another the number of other uses/abuses of such a system are too many to count.

"If I'm sitting outside of a gas station at 1:30 am with a ski mask on and a cop pulls up, no crime has been committed but the officer would have probable cause to stop me and search my car because I'm behaving in a suspicious manner and the officer could reasonably speculate that a crime was about to be committed or had been committed."

Not at all. I think you need to research your rights better. The cop could stop you, he could ask to search your car, but would not be allowed to search it without a war

This approach to finding patterns works well in marketing where getting a 1% rate of sales to contacts is a good response rate. The problem with using this approach for anything in the real world is the 99% of the time you're wrong.

They looked at the history of a few people and found a pattern. Now that the pattern has been disclosed, only historical information is likely to have any merit. If the people controlling the communications know this is a way to be found, after getting a call from a watched country, they'll have the people go somewhere else and send emails or otherwise use a different channel for communication.

Knowing all of the data points isn't enough if you don't know which ones in different databases (phone, email, etc) are related and why.

Indeed, all this bullshit about "stopping terrorists" or even "supporting the troops" does not represent patriotism, but the quotes you mentioned do. All American citizens ought to be reminded of that.

The scary part is sooner or later they will be. When enough rights have been infringed on and our way of life has changed enough, other Americans will realize they no longer truly have freedom. At that point they will come to realize what real patriotism is. It's unfortunate that they take their freedom for granted so much that they have to be reminded what it is in the worst possible way: Losing it.

The last question in the post is ill posed: can data mining find terrorists -- the answer is yes. Simply set the threshold low: select anyone who has used a phone at any time and you'll likely get most terrorists. The problem is not sensitivity -- the real problem is specificity. If you have no or low specificity then the FBI will be investigating everyone (even those who "have nothing to fear since they have nothing to hide"). Specificity is where the search process interfaces with the Bill of Rights
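The sensitivity/specificity trade-off described in the comment above, worked through on constructed call records. This is an added example, not part of the original thread; the record layout, the one-hour window, the thresholds and the two "target" labels are all assumptions made for illustration.

```python
from collections import defaultdict, namedtuple

# Call-detail record: metadata only (time, caller, callee, whether it came from abroad).
CDR = namedtuple("CDR", "ts caller callee overseas_origin")

def build_constructed_cdrs(n=1000):
    """Constructed sample data: n subscribers, two of them labelled as targets."""
    targets = {7, 13}
    cdrs = []
    for i in range(n):
        # Everyone places one ordinary domestic call.
        cdrs.append(CDR(i, i, (i + 1) % n, False))

    def overseas_then_calls(sub, t0, fanout):
        cdrs.append(CDR(t0, "overseas-%d" % sub, sub, True))
        for k in range(fanout):
            cdrs.append(CDR(t0 + 60 * (k + 1), sub, (sub + 2 + k) % n, False))

    for i in range(0, n, 20):
        # 50 subscribers get a call from abroad; half of them relay family
        # news to five relatives, the rest call nobody afterwards.
        overseas_then_calls(i, 10_000 + i, 5 if i % 40 == 0 else 0)
    overseas_then_calls(7, 50_000, 5)  # target 7 happens to match the template
    # Target 13 stays quiet: only the ordinary call above.
    return cdrs, targets, set(range(n))

def flag_flurry(cdrs, window_s=3600, min_calls=3):
    """Template: inbound overseas call followed by >= min_calls domestic calls."""
    inbound = defaultdict(list)   # subscriber -> times of calls received from abroad
    outbound = defaultdict(list)  # subscriber -> times of domestic calls placed
    for r in cdrs:
        if r.overseas_origin:
            inbound[r.callee].append(r.ts)
        else:
            outbound[r.caller].append(r.ts)
    flagged = set()
    for sub, times in inbound.items():
        for t0 in times:
            hits = sum(1 for t in outbound[sub] if t0 < t <= t0 + window_s)
            if hits >= min_calls:
                flagged.add(sub)
                break
    return flagged

def flag_any_activity(cdrs, population):
    """The 'threshold set low' rule: anyone who used a phone at all."""
    seen = set()
    for r in cdrs:
        seen.update((r.caller, r.callee))
    return seen & population

def score(flagged, targets, population):
    tp = len(flagged & targets)
    fn = len(targets - flagged)
    fp = len(flagged - targets)
    tn = len(population - flagged - targets)
    return {
        "tp": tp, "fp": fp, "fn": fn, "tn": tn,
        "sensitivity": tp / (tp + fn),
        "specificity": tn / (tn + fp),
        "precision": tp / (tp + fp) if (tp + fp) else 0.0,
    }

if __name__ == "__main__":
    cdrs, targets, population = build_constructed_cdrs()
    for name, flagged in (
        ("overseas call + flurry", flag_flurry(cdrs)),
        ("any phone activity", flag_any_activity(cdrs, population)),
    ):
        s = score(flagged, targets, population)
        print("%-24s leads=%4d  sensitivity=%.2f  specificity=%.3f  precision=%.3f"
              % (name, s["tp"] + s["fp"], s["sensitivity"], s["specificity"], s["precision"]))
```

On this constructed data the catch-all rule finds both targets but every lead it produces is effectively noise, while the template misses the quiet target and still hands investigators 25 family-news relays for one real match.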

Dismissing the legality and morality of doing this... Let's look how most Network Intrusion Detection Systems work today, including the OSS favorite Snort [snort.org].

We start off with a bunch of signatures. These signatures are analyzed against incoming network traffic. A signature is matched, an alert is sent out (syslog, mysql, whatever) and my little console displays the alert. I analyze, determine it's a "false alert". I try to tune it out, maybe, depending on frequency and annoyance, and continue on to the ne

Your logs aren't being appended to at a rate of ten thousand per minute, are they? You don't have three hundred million logfiles to manage, do you? And if you did, you'd expect an actual match quite often--daily, probably. Moreover, we have no idea what we're looking for. We could investigate absolutely everything, but that would take more manpower than we can spend on it. (Or rather, if we spent that much manpower, we'd experience a famine soon after.)

How could those calling patterns ever cause false leads? Surely terrorists operate like clocks and do everything by the numbers.

Okay, here's an example of how stupid the example given is (and it's not the example that's stupid, it's the intelligence community): I'm an American. I have good friends, or maybe family living overseas. Let's say my brother lives in Germany and he just called me to tell me that his wife had a baby boy. So, what am I going to do? Call everyone in my family and anyone that knows my brother well and say, "Guess what, they had a baby boy."

The fact is that, with calls between friends and family overseas in particular, the calls are not infrequently going to be some sort of major or semi-major news that the person in the States is then going to want to share with other friends and family. If the FBI is getting hit with all this garbage, I'm surprised they find time to do anything else.

I'm not saying this stuff can't be used to find terrorists, but at what expense? I would imagine there are much more effective ways to spend the money.

To bring the example a little closer to home, back in the early 90s when export restrictions on encryption were quite a bit tighter than they are now, I was asked by an uncle of mine (who's a venture capitalist) to do a little research into encryption. He had been approached by a group that had come up with some new encryption algorithm and he wanted me to get some sort of feel for how theirs stacked up.

So, I go onto Usenet and start asking some questions, trying to educate myself on this stuff. A few weeks later, I'm talking to one of my neighbors and she says, "So, did you get that job at the White House?" I said, "What job at the White House?" She said, "Well, there were some agents from the State Department here asking questions about you and they said it was for a job at the White House."

Now, I'm no rocket scientist, but I can do the math. Ask about encryption, agents show up. I suspect the two were related. I'm sure they were probably NSA agents since encryption is really more of their deal, or maybe State Dept. agents tasked by the NSA. But whatever.

Had they even looked at my file, which I'm sure they had since I had a full background check for a security clearance a few years prior, they would have quickly discovered that I'm someone of little consequence and not a likely spy. But no, they had to send out a couple agents to investigate me asking questions that anyone from anywhere around the world could have posted on Usenet. What a complete waste of time and money. And it's not like you couldn't just download regulated encryption algorithms off the net at the time anyway.

But I digress. Spending money to protect us is fine, if it's spent wisely. This is costing time of valuable people and untold amounts of money for what is sure to be barely usable information. But hey, that should come as no shock to anyone.

such as a call from overseas followed by a flurry of domestic calls are used to identify leads

...for example, a relative from overseas calls to say that Uncle Buck died in his sleep last night. Or when your daughter who's living abroad calls to say that she's fallen in love and is getting married. What do you do after receiving such a call? You call all the members of your family. There are 2 trivial scenarios that break the system.

Is it a sign that this technique is grasping at straws that I can think of one instance where this calling pattern would pop up that is totally legitimate in the first ten seconds of thinking about it?

Cheney accuses those he disagrees with of hoping our oceans defend us against terrorism, yet this bungling administration picks technologies that are both invasive to the innocent and ineffective in locating the guilty. We're spending billions on efforts that, at best, won't work and at worst will draw resources away from things that will be effective.

There was a local news story about a terrorism suspect who was picked up locally because of a tip from a flight school. Not from monitoring his phone calls, not by fingerprinting him when he came into the country, not by spy plane, satellite or any other whiz bang technology. Just a clerk at an airport counter in the middle of bf nowhere. And that's the sensor net that offers the best hope we have of combating terrorism. The clerk at the store, the landlord they rent from, the agent at the ticket counter, the hotel clerk, rental car company, bell hops, and neighbors. It's not depending on the government to keep us safe because they can't. Government is too big and too slow to respond to an ever-changing threat landscape. Had we not spent the last five years alienating the Muslim and mid-eastern communities in this country and abusing the few Arab allies we have in the mid-east, we might have been able to develop a community network that would have been effective and inexpensive (in relative terms).

No one seriously believes oceans can defend us, just like no one can seriously believe all the invasive technology being loosed on the people paying the bills is going to be any more effective.

The real question is how many crooks are going to get off the hook because of this? Obtaining phone records without a warrant and then passing them to the FBI is going to get more than a few convictions vacated.

Not really. Computers are good at recognizing patterns only when there is a large repository of data to "train" the computer with. For example, neural networks [wikipedia.org] are often better at recognizing patterns than if a person were to program a set of rules into a system. Man-made rules are often incomplete or lack the depth that a computer can bring to the table. A good example of this is Google Translate [google.com], which is considered one of the better translation programs and is essentially an advanced neural net that was fed a huge wad of data to train from.

America's data set on terrorism is in the single digits, and the data they do have is only partially complete. This means the only system that can be programmed is a set of user-created rules that "flag" questionable behavior. The solution is a poor one and will only improve our chances at detection by a fraction of a percent. (Seems a huge price to pay for privacy trampling to me.)

In order to detect terrorism on American soil effectively, we'd need a larger data set. Otherwise we're just attempting to reverse engineer a process that essentially defines itself as dynamic enough to avoid detection. We'd need a frequent source of terrorism that we could derive models and nets off of. The immediate source that comes to mind is Iraq. If I were in charge of the NSA program, I think the best course of action would be to harness the call-traffic (satellite and domestic), email activity and other "data" that precedes suicide bombers (or other known acts of terrorism) in Iraq. Using this data you could train a system to recognize similarities in America. Short of that, anything the NSA is trying is a crap shoot.

No. Freeing up lines of communication, preparing quick and actionable responses to warnings, and better general population awareness are probably more effective than grabbing a billion pieces of data and sifting through it for answers. It's impossible for a human to know what to look for, and until the NSA comes clean in what it's actually doing, there's no justification for stomping out the few freedoms we still have. There are better alternatives out there that can be done with the help of the community and still preserve the integrity of our privacy.

This is about the US government spying on what it perceives as its biggest threat, its own citizens. The only terrorists they're going to catch with this are the mouth breathers and wannabees, like Moussaoui. I can think of several far more secure ways to communicate than the freaking telephone. For one, drop your encrypted/stegged message into some high volume Usenet group in the alt.erotica.* hierarchy for your contact to surf by and pick up.

"Templates" such as a call from overseas followed by a flurry of domestic calls are used to identify leads, which are forwarded to the FBI for investigation.

Hmmm. So your father/son/sister/mother/brother/cousin/etc had some dramatic event happen overseas. Perhaps he was injured, or mugged, or perhaps everyone was just worried about him and he called to let you know he was safe.

One phone-call to the homeland, a bunch of calls among relatives and friends to pass the information along.

"Templates" such as a call from overseas followed by a flurry of domestic calls are used to identify leads, which are forwarded to the FBI for investigation.

So recently my uncle died. He lived in Thailand. My mom (his sister) received a call from overseas, then obviously called every relative here in the U.S. We even called travel agents and airlines trying to arrange last minute travel. So by the FBI's reasoning, we should be investigated for this "suspicious" activity. There are so many more legitimate re

Armed with details of billions of telephone calls, the National Security Agency used phone records linked to the Sept. 11, 2001 attacks to create a template of how phone activity among terrorists looks, say current and former intelligence officials who were briefed about the program. (from the USA Today article)

Are they admitting to collecting details on domestic phone calls _before_ 9/11?

But it can identify people with large extended families who have relatives overseas and get an important call about a death in the family, notify all their North American relatives, and then have government agents show up on their door.

Every single pattern-based terrorist screening method I have heard about sounds like something dreamed up in an air-conditioned office by some dork who never gets out very much and thinks all people are basically like him (and anyone who isn't ought to be subject to government investigation.)

Hanging around public buildings taking pictures? Must be a terrorist. As opposed to say, just interested in taking pictures of public buildings because modern-day monumental architecture happens to turn you on.

Want to learn to fly a 747 but don't have any interest in a career as a pilot? Must be a terrorist. Unless you happen to be fascinated by aircraft and think that a few weeks of flight school would give you bragging rights to die for at your local RC club.

Like to pay with cash, even for purchases in the thousands like furniture or maybe a car? Must be a terrorist. Or maybe you don't qualify for a chequing account, or are just a little bit paranoid, or just don't fucking feel like doing anything else.

These sorts of unvalidated, non-empirical, "feels like the right thing to me", ad hoc, imaginary "patterns of suspicious activity" are a major threat to freedom because they demonize and may even criminalize deviancy from the norm. It is a characteristic of unfree societies that deviancy from the norm is not just looked at askance by the majority of the population, but is viewed as grounds for suspicion of the most heinous acts.

Furthermore, such datamining solutions are not able to identify terrorists reliably even when they have all kinds of intelligence data entered into them. A report on the chillingly-named MATRIX [fas.org] system indicates that the system was only able to identify 5 of the original 9/11 hijackers in a retrospective test, a 75% false negative rate, and it further identified 120,000 other Americans who had a "high terrorism factor." Supposedly "scores of arrests" resulted from that list, although no one knows what the arrests were for or how many of those were successfully prosecuted. The odds are most of them were for drug possession charges that were laid as a result of the increased scrutiny certain individuals got by virtue of wholly baseless suspicions of terrorism. But let us grant 60 successful prosecutions for terrorist-related activities. That's a false positive rate of over 99.9%.

And that was when the system was loaded with specific intelligence data, which is no longer the case.

Given the complete failure of such systems to detect terrorists in retrospective studies, and the horrifically high false positive rate, and the chilling effect such programs have on the freedom to be different, it is very hard to believe that their real purpose is to spy on Americans and impose a high degree of conformity on American society.

Just as generals are always fighting the last war, the police are always solving the last crime. Terrorists are crazy but not stupid. High-tech methods are much less valuable than old-fashioned boots-on-the-ground mole-in-their-midst human intelligence.

As much as I usually support civil liberties for individuals against government intrusion, I am now asking myself: why did this story have to be published?

After all we already paid a heavy price: all our phonecalls now end up in the NSA's database with the ostensible reason of tracking down potential terrorists. The one and only return would have been to enable the NSA to conduct traffic analysis on this data in order to form a dragnet with which to narrow down suspicion from hundreds of millions of subsc

Not that I'm at all happy about the monitoring, but in fairness, would the NSA/FBI report massive success with the data mining? Doing so would inform terrorists (drug dealers, lesbians, Democrats) that the simple pattern of their phone calls can identify them, forcing them to change their methods of communications, undermining the success of the program. It might be sufficient for them to publicly leak stories that the program isn't working while reporting to the government that it's actually quite successful. It certainly wouldn't be the first time disinformation has been used.

An interesting aside: as reported by Bruce Schneier, al Qaeda members avoid Echelon by using shared Hotmail accounts. Rather than sending email, they create drafts and save them, and have a running conversation in the draft before deleting it. Not sending the email means the email doesn't trigger midpoint monitoring. Would they be doing that if they didn't know about Echelon?

Surely real terrorists aren't using telephones to plan their activities? I know if I was a terrorist I wouldn't. I'd be making an "X" on my window with duct tape, or carrying a newspaper rolled up under my left arm (but not my RIGHT arm - that means I was followed), or touching my nose with my forefinger. I have a feeling that we're only going to catch the really stupid terrorists this way - and they are probably the ones who don't do much damage to anyone but themselves. "Hey, Mohammed! Osama just called an

and, while it can potentially be useful *if properly implemented*, it has been found to be of questionable use as well, in many cases because "profiling" is done with unsound methodology (i.e. people are associating the wrong sets of identifiers/characteristics with what they are trying to find: http://en.wikipedia.org/wiki/Offender_profiling#Controversies [wikipedia.org]).

Please note I am *not* trying to defend the idea of spying on Americans with what is most certainly data-mining. I'm just pointing out it looks like

Hey we have all this data! We can use it to accurately predict future behavior of a large group of autonomous, independent human beings!

*BZZT* Wrong. This is the danger of falling into the social science trap, where you think that because 1 group of individuals has acted a certain way in the past, that another (however similar) group of individuals will act the same way in the future.

2) I test a copy and like it. He then calls me or I call him for a phone interview.

3) My next step is to call a bunch of sources in the U.S. and elsewhere, ask what they think of the software.

So with no family or friends in Pakistan, I am suddenly a potential terrorist threat by NSA standards. Uh huh.

It doesn't need to be a story about software, either. One about anti-terrorism activities could generate a similar call pattern.

On the other hand, I suppose that by current U.S. government standards, any journalist who makes a lot of calls to verify a story, instead of being a Good Little Boy and sticking to "official sources," is nearly as dangerous as a terrorist, anyway.

they would really, really have to work hard to establish links between postings in high traffic usenet groups and the people reading them... an awful lot of info can be put into a subject line without making it too obvious and the recipient merely has to download the headers, doesn't actually have to access the body at all... so there's absolutely no way to ascertain who, out of the thousands of people using that group, is actually receiving commands.

Similarly with blog comments... a lot of it looks like spam, but it could be disguised commands, and it can be seen by people using search engines so there's a disconnect (cutout) between the poster and the recipient. All the reader would have to do would be to search on an innocent phrase agreed between the poster and the recipient and then view the cache of the page that matches that content...

they could be using Slashdot right now to coordinate the next big one...

In a nutshell, his premise is that the underlying assumptions that make data mining work for such things as credit card fraud don't hold when searching for terrorist plots. Also, that trying to apply those models will result in a flurry of false negatives so large as to make the whole effort useless and a waste of resources which could otherwise be better spent. It's hard to argue with...

The most effective way of stopping terrorists is taking away their cause. Believe it or not, terrorists don't blow up hundreds of people as well as themselves because they "hate freedom" or any of that rubbish.

I agree - the problem should be bombed into oblivion. Bombed with aid. Bombed with education. Bombed with donations for worthy causes - hospitals, water, schools, preservation of national heritage, museums, etc.

Sure, if we didn't need to secure their oil for our energy companies, we could disengage from the Middle East. However that still leaves the question of Israel. I don't see how we'll resolve that issue to the satisfaction of the Arab world short of resettling all of Israel on land donated by Europe or America (lots of federal BLM land in the west).

Because smart terrorists who want to sow destruction aren't fitting the calling patterns. They won't be using the same phones repeatedly, and they are probably using networks that are harder to observe or crack (such as sneakernets).

Easiest way: Mahmud Gibran's father, Gibran Mahmud, lives in Egypt; Mahmud Gibran lives in NYC. They talk every month or so. They're both terrorists, or allied with terrorists at least, but neither of them participates in illegal activities themselves.

Gibran Mahmud gets a note via dead drop. It contains a message for a terrorist cell in New York. He reads it off to his son Mahmud during their next conversation (in some obscured form). Mahmud writes down the details and drops off the note at a prearranged pla

The fact that there hasn't been another attack doesn't really prove anything more than the fact that there was no attack for three years prior to 9/11, or five years prior to that. If you could show that the number of terrorist attacks per unit time under the current security policy is lower than the number per unit time under our old policies, then you'd have a case. But just saying "there hasn't been any attacks for five years" doesn't mean anything --- it could simply mean that terrorist attacks are rar